CVE-2006-0705

N/A Unknown

Published: February 15, 2006 Modified: April 16, 2026

Description

Format string vulnerability in a logging function as used by various SFTP servers, including (1) AttachmateWRQ Reflection for Secure IT UNIX Server before 6.0.0.9, (2) Reflection for Secure IT Windows Server before 6.0 build 38, (3) F-Secure SSH Server for Windows before 5.3 build 35, (4) F-Secure SSH Server for UNIX 3.0 through 5.0.8, (5) SSH Tectia Server 4.3.6 and earlier and 4.4.0, and (6) SSH Shell Server 3.2.9 and earlier, allows remote authenticated users to execute arbitrary commands via unspecified vectors, involving crafted filenames and the stat command.

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory

http://marc.info/?l=bugtraq&m=120654385125315&w=2

Source: cve@mitre.org

http://secunia.com/advisories/18828

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/18843

Source: cve@mitre.org

Patch Vendor Advisory

http://secunia.com/advisories/24516

Source: cve@mitre.org

Vendor Advisory

http://secunia.com/advisories/29552

Source: cve@mitre.org

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200703-13.xml

Source: cve@mitre.org

http://securitytracker.com/id?1015619

Source: cve@mitre.org

Patch

http://support.wrq.com/techdocs/1882.html

Source: cve@mitre.org

Patch

http://www.kb.cert.org/vuls/id/419241

Source: cve@mitre.org

Patch US Government Resource

http://www.securityfocus.com/bid/16625

Source: cve@mitre.org

Patch

http://www.securityfocus.com/bid/16640

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/0554

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0555

Source: cve@mitre.org

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1008/references

Source: cve@mitre.org

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/24651

Source: cve@mitre.org

http://marc.info/?l=bugtraq&m=120654385125315&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/18828

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://secunia.com/advisories/18843

Source: af854a3a-2127-422b-91ae-364da2661108

Patch Vendor Advisory

http://secunia.com/advisories/24516

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://secunia.com/advisories/29552

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://security.gentoo.org/glsa/glsa-200703-13.xml

Source: af854a3a-2127-422b-91ae-364da2661108

http://securitytracker.com/id?1015619

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://support.wrq.com/techdocs/1882.html

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.kb.cert.org/vuls/id/419241

Source: af854a3a-2127-422b-91ae-364da2661108

Patch US Government Resource

http://www.securityfocus.com/bid/16625

Source: af854a3a-2127-422b-91ae-364da2661108

Patch

http://www.securityfocus.com/bid/16640

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2006/0554

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2006/0555

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.vupen.com/english/advisories/2008/1008/references

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

https://exchange.xforce.ibmcloud.com/vulnerabilities/24651

Source: af854a3a-2127-422b-91ae-364da2661108

30 reference(s) from NVD

Quick Stats

CVSS v3 Score

N/A / 10.0

EPSS (Exploit Probability)

5.4%

90th percentile

Exploitation Status

Not in CISA KEV

Weaknesses (CWE)

CWE-134

Affected Vendors

attachmatewrq f-secure

Related CVEs

CVE-2025-71256 7.5

CVE-2025-71255 7.5

CVE-2025-71254 7.5

CVE-2025-71253 7.5

CVE-2025-71252 7.5